my recent reads..

Atomic Accidents: A History of Nuclear Meltdowns and Disasters; From the Ozark Mountains to Fukushima
Power Sources and Supplies: World Class Designs
Red Storm Rising
Locked On
Analog Circuits Cookbook
The Teeth Of The Tiger
Sharpe's Gold
Without Remorse
Practical Oscillator Handbook
Red Rabbit

Wednesday, July 20, 2011

Mikko Hyppönen@TED

Doing more than just talking about viruses: he fires up a few classics in a DOS box and pokes around with a binary editor before looking at current threats and live infection data. Very cool and entertaining. Not many are brave enough to do live demos, but if you watch to the end you'll get to see how prepared he was for failure;-)

Best served with sides of:
  • Daniel Suarez's Daemon - for the extreme version of how bad things can go wrong,
  • Rebecca MacKinnon: Let's take back the Internet! - because maybe organised crime is the perfect distraction as we rush headlong to enslave ourselves to the Sovereigns of the Internet, and
  • Security Now! #291 - for Steve Gibson's deconstruction of stuxnet, the most spohisticated Internet-borne "weaponised payload" ever discovered... and perhaps a plausibly-deniable warning from Government(s) that "you call that a knife? THIS is a knife!"



PS: better quality vid on youtube. And yes, that is a 5 1/4" floppy.

Blogarhythm: Security - Jo Jo Zep & The Falcons

Sunday, July 10, 2011

It goes PING!

If you're like me, you have a bunch of trusty (and rusty) shell scripts that you reach for when doing things like testing a new load balancer.

Enough of that! igp (It goes PING!) is a simple command line utility for testing services with a range of common protocols: ICMP, UDP, TCP, HTTP/S, LDAP/S and so on.

This is nothing earth shattering I know, but it's nice to have simple cross-platform (since it's ruby) tool that does all the common protocols in one. Thankfully, most of the work has already been done by the net-ping library - igp really just provides a sleek command-line wrapper.

The only dependency is ruby+rubygems. Just:
gem install igp
And then you are ready to capture traces, for example:
igp my.server.com
# ^ ICMP assumed by default. This is the same as:
igp icmp://my.server.com

igp http://my.insecure.server.com
igp http://my.insecure.server-hiding-on-a-funny-port.com:8080/javascripts/all.js

igp https://my.secure.server.com
igp https://my.secure.server-hiding-on-a-funny-port.com:4443

igp tcp://my.tcp-service.com:9091
igp udp://my.udp-service.com:123

igp ldap://my.insecure.ldap.server.com
igp ldaps://my.secure.ldap.server.com


Blogarhythm: Keep it Up - Snap!